Steven Blake wrote:
> 
> I have some comments about Section 3.2.1 (Centrally Assigned Global IDs)
> 
> 1.  I don't understand the necessity for the requirement to generate IDs
>     consistent with [RANDOM].  The IDs need to be unique and
>     sufficiently "randomized" (one could argue how important this need
>     really is) so that there is no plausible way to aggregate them.  I
>     don't think it is necessary to be unable to guess the date or
>     relative order in which a particular ID was allocated, however.

Strictly, that's true, but isn't it easier to simply refer to
an existing method?

> 
> 2.  I don't find the argument for a single allocation authority
>     compelling.  It is still possible for a single authority (i.e.,
>     IANA) to delegate blocks of the global ID space to multiple
>     registries.  The naive way would be to delegate lists of random
>     numbers generated by IANA.  A more elegant way would be to delegate
>     ranges in the sequence space of a non-repeating PRNG (e.g., maximal
>     period 40-bit LFSR).  Note that the requirement (1) above precludes
>     this latter method.

Yes, but why bother? There is no geographical aspect here, so why set up
more than one registry?

> 
> 3.  I don't believe it is essential to have alternative registration
>     methods besides web and e-mail.  Anyone can establish a new network
>     using only PA addresses (and locally assigned local IDs if
>     necessary) before acquiring a "centrally assigned" local ID.  One
>     could also ask a friend with connectivity, or go to a local library.
>     Requiring non-automated means of registration significantly drives
>     up the allocation cost.

I would agree, but how does someone in the middle of a developing country
with no connected friends and no such thing as a library do it?

> 
> 4.  I don't believe that it is necessary for the allocation registry to
>     escrow each allocation; I think it is sufficient for the allocation
>     recipient to do so.  In a dispute one can prove that he or she owns
>     an allocation by producing a non-repudiatable (e.g., signed) message
>     from a registry.  The registries would only have to escrow their
>     public keys.

Yes, I think that is better.

> 
> 5.  I don't believe that the 10 euro fee is appropriate.  I suspect that
>     the cost to collect the money is substantially higher than the
>     cost to manage the registry infrastructure, especially if the
>     requirements are relaxed sufficiently such that the process can be
>     fully automated.  Although I'm not volunteering to foot the costs
>     of a registry myself, I suspect sponsors could be found to operate
>     them.

The fee is the abuse-prevention mechanism. We know from other examples that
automated registries can and do operate at that level of fee. And in the
conditions of the early 21st century, no, I don't think it's trivial to
find sponsorship.

> 
> 6.  I believe a centralized registry is more susceptible to a DoS
>     attack.

That's true. But if each probe of the attack takes 10 Euros out of the
attacker's credit card, who cares?

   Brian

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
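
The range delegation described in point 2 of the quoted message, as an added example that is not part of either message or of the draft: a 40-bit LFSR whose sequence positions are split into non-overlapping ranges, one per registry. The feedback polynomial x^40 + x^38 + x^21 + x^19 + 1 and all function names are assumptions chosen for illustration. The IDs are unique, but the order of allocation is computable from any one of them, which is the conflict with requirement (1) that the message notes.

```python
# Added illustration: polynomial choice and all names are assumptions.
WIDTH = 40
POLY = (1 << 40) | (1 << 38) | (1 << 21) | (1 << 19) | 1
PERIOD = (1 << WIDTH) - 1  # number of nonzero 40-bit states
PRIME_FACTORS = (3, 5, 11, 17, 31, 41, 61681)  # distinct primes dividing 2^40 - 1

def mulmod(a, b):
    """Multiply two GF(2) polynomials (as bit masks) modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> WIDTH:
            a ^= POLY
    return r

def powx(n):
    """Return x^n mod POLY by square-and-multiply (jump-ahead)."""
    result, base = 1, 2
    while n:
        if n & 1:
            result = mulmod(result, base)
        base = mulmod(base, base)
        n >>= 1
    return result

def is_maximal():
    """True if x has order exactly 2^40 - 1, i.e. no ID repeats within the period."""
    return powx(PERIOD) == 1 and all(powx(PERIOD // q) != 1 for q in PRIME_FACTORS)

def id_at(index):
    """ID at a given sequence position, computed without walking the sequence."""
    return powx(index % PERIOD)

def delegate(start, count):
    """IDs for sequence positions [start, start + count), as handed to one registry."""
    state, ids = id_at(start), []
    for _ in range(count):
        ids.append(state)
        state = mulmod(state, 2)  # one LFSR step = multiply by x
    return ids

if __name__ == "__main__":
    assert is_maximal()
    print([f"{i:010x}" for i in delegate(1_000_000, 3)])
```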